gpt4 book ai didi

azure - 如何使用 SharedAccessSignature 访问 blob

转载 作者:行者123 更新时间:2023-12-04 15:14:20 27 4
gpt4 key购买 nike

我正在尝试访问存储在 Windows Azure 私有(private)容器中的 blob。该容器具有共享访问签名,但是当我尝试时要访问 blob,我收到 StorgeClientException“服务器无法验证请求。请确保形成授权 header 正确包含签名”。

创建容器并上传 blob 的代码如下所示:

// create the container, set a Shared Access Signature, and share it 

// first this to do is to create the connnection to the storage account
// this should be in app.config but as this isa test it will just be implemented
// here:
// add a reference to Microsoft.WindowsAzure.StorageClient
// and Microsoft.WindowsAzure.StorageClient set up the objects
//storageAccount = CloudStorageAccount.DevelopmentStorageAccount;

storageAccount = CloudStorageAccount.Parse(ConfigurationManager.AppSettings["ConnectionString"]);
blobClient = storageAccount.CreateCloudBlobClient();

// get a reference tot he container for the shared access signature
container = blobClient.GetContainerReference("blobcontainer");
container.CreateIfNotExist();

// now create the permissions policy to use and a public access setting
var permissions = container.GetPermissions();
permissions.SharedAccessPolicies.Remove("accesspolicy");
permissions.SharedAccessPolicies.Add("accesspolicy", new SharedAccessPolicy
{
// this policy is live immediately
// if the policy should be delatyed then use:
//SharedAccessStartTime = DateTime.Now.Add(T); where T is some timespan
SharedAccessExpiryTime =
DateTime.UtcNow.AddYears(2),
Permissions =
SharedAccessPermissions.Read | SharedAccessPermissions.Write
});

// turn off public access
permissions.PublicAccess = BlobContainerPublicAccessType.Off;

// set the permission on the ocntianer
container.SetPermissions(permissions);

var sas = container.GetSharedAccessSignature(new SharedAccessPolicy(), "accesspolicy");


StorageCredentialsSharedAccessSignature credentials = new StorageCredentialsSharedAccessSignature(sas);
CloudBlobClient client = new CloudBlobClient(storageAccount.BlobEndpoint,
new StorageCredentialsSharedAccessSignature(sas));

CloudBlob sasblob = client.GetBlobReference("blobcontainer/someblob.txt");
sasblob.UploadText("I want to read this text via a rest call");

// write the SAS to file so I can use it later in other apps
using (var writer = new StreamWriter(@"C:\policy.txt"))
{
writer.WriteLine(container.GetSharedAccessSignature(new SharedAccessPolicy(), "securedblobpolicy"));
}

我一直试图用来读取 blob 的代码如下所示:

// the storace credentials shared access signature is copied directly from the text file "c:\policy.txt"
CloudBlobClient client = new CloudBlobClient("https://my.azurestorage.windows.net/", new StorageCredentialsSharedAccessSignature("?sr=c&si=accesspolicy&sig=0PMoXpht2TF1Jr0uYPfUQnLaPMiXrqegmjYzeg69%2FCI%3D"));

CloudBlob blob = client.GetBlobReference("blobcontainer/someblob.txt");

Console.WriteLine(blob.DownloadText());
Console.ReadLine();

我可以通过添加帐户凭据来完成上述工作,但这正是我想要避免的。我不想要什么就像我的帐户凭据一样敏感,我不知道如何在没有帐户凭据的情况下将签名输入客户端应用程序。

非常感谢任何帮助。

最佳答案

为什么会这样?

writer.WriteLine(container.GetSharedAccessSignature(new SharedAccessPolicy(), "securedblobpolicy"));

并且不写入您已经创建的 sas 字符串?

已经晚了,我很容易会丢失一些东西,但似乎您可能没有保存与最初用来写入文件的相同的访问签名。

也许与此无关,但我相信您可以拥有的容器范围策略的数量是有限的。您是否使用此代码将多个文件上传到同一个容器并每次创建一个新容器 sas?

总的来说,我认为最好在需要时为单个 blob 请求一个 sas,并且到期时间较短。

关于azure - 如何使用 SharedAccessSignature 访问 blob,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/10453563/

27 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com